RHSA-2019:3401-01 -- Redhat 389-ds-baseID: oval:org.secpod.oval:def:503425 | Date: (C)2019-11-08 (M)2023-05-02 |
Class: PATCH | Family: unix |
389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base . Security Fix: * 389-ds-base: Read permission check bypass via the deref plugin * 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default * 389-ds-base: DoS via hanging secured connections * 389-ds-base: using dscreate in verbose mode results in information disclosure For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 8 |